The new Policy Editor enables users to create, manage, and apply custom security policies using the Rego policy language. These policies extend the power of the Aptori Sift engine by allowing organizations to define rules tailored to their specific security, compliance, or coding standards.
Description:
The new Policy Editor enables users to create, manage, and apply custom security policies using the Rego policy language. These policies extend the power of the Aptori Sift engine by allowing organizations to define rules tailored to their specific security, compliance, or coding standards. Once authored, the policies are stored in the Aptori platform and can be dynamically fetched and included in Sift configurations, ensuring that all relevant custom checks are executed during CI runs.
This feature empowers teams to enforce organization-specific rules, detect violations beyond built-in analyzers, and scale policy-driven security testing across the SDLC.
Where to Find It:
Accessible in the Aptori platform under Policies. Policies can be linked into Sift configurations via the policy_evaluator
section.
Details and schema examples are available in the Policy Evaluator documentation.
Who Can Use It:
Users with permission to manage Sift configurations and platform policies.